Security over wireless networks is a primary concern for many organisations and users utilizing wireless networks. Most effort on wireless security is in the well-established areas of encryption, distribution of keys, using an array of established techniques to avoid eavesdropping and attacks like denial of service.
Data, voice, and video communications in emerging wireless networks form a significant part of future e-commerce, transportation, and military systems. Some of these emerging wireless networks may be connected to other networks, through access points to either traditional wired networks or other wireless networks using differing technologies at the link layer. Some emerging wireless networks may include so-called mesh networks, where indirect routing to an access point via other nodes of the network is utilized for network-efficiency reasons. For example, see Conner, S, and Gryder, R, “Building a Wireless World with Mesh Networking Technology,” Intel Technology Magazine, November 2003, pp. 1-6, (http://www.intel.com/update/departments/netcomm/nc11032.pdf). Some emerging wireless networks may include isolated ad-hoc networks (no access points), used for example at emergency sites, military zones, or within single transportation systems. Next generation mobile phone networks such as 3G are another form of wireless data network that are expected to be ubiquitous in the near future.
Wireless Local Area Network (WLAN) technologies, including the 802.11 architecture, are especially useful for local high-throughput situations. Networks based on such technologies can be readily deployed for commercial, military or emergency services. These WLAN technologies are well suited for situations where no pre-existing infrastructure exists, or has been destroyed, or is deemed to be insecure. While WLANs can be meshed together to form networks on the scale of kilometers, networks larger than this scale are most likely the domain of 3G. The seamless attachment of WLAN networks to next generation 3G wireless networks is also an intensive area of research. For example, see Ahmavaara, Kalle, Haverinen, Henry, and Pichna, Roman, “Interworking architecture between 3GPP and WLAN systems”, IEEE Communications Magazine, No. 11, November 2003, pp. 74-81.
Security over emerging wireless networks remains a pivotal issue, consuming a large fraction of current research in the field. See Karygiannis, T., and Owens, L., Wireless Network Security, National Institute of Standards and Technology, Special Publication 800-48, 2002 (http://csrc.nist.gov/publications/nistpubs/800-48/NIST_SP—800-48.pdf). Indeed, significant focus has been on the 802.11 architecture, with the IEEE 802.11i task group charged with enhancement of the base IEEE 802.1X protocol(s) in a WLAN. The task group aims to replace the easy-to-circumvent Wired Equivalent Privacy (WEP), with a layer 2 security specification for authentication and encryption of WLAN traffic.
Position location in wireless networks has attracted attention in the literature. See Koshima, H., and Hoshen, J., “Personal locator services emerge,” IEEE Spectrum, Vol. 32, No. 2, February 2000, pp. 41-48. Such research has focused to some extent on development of positioning algorithms related to emergency (E-911) location of mobile handsets in GSM and 3G systems, to meet the mandated U.S. Federal Communications Commission (FCC) requirements of 50 m accuracy by 2003. See Federal Communications Commission Enhanced 911 Report (http://www.fcc.gov/911/enhanced/). Position location in other wireless networks, such as WLAN networks, does not fall within the FCC mandate. But as a consequence of the applicability of WLAN networks in a range of circumstances (not to mention their wide deployment as a consequence of inexpensive 802.11b cards) position location research in 802.11 WLAN networks is topical. See Bahl, Paramvir, and Padmanabhan, Venkata N, “RADAR: An In-Building RF-based User Location and Tracking System,” In Proceedings of INFOCOM, 2000, pp. 775-784.
The positioning techniques deployed are dependent to a large extent on the operation of the underlying wireless network. In 802.11 networks, received signal-strength (RSS) measurements are often applicable. In practice, position technologies based on RSS measurements are susceptible to a host of environmentally induced errors. Interference, signal loss by obstructions, multi-path induced fading, and mobility effects are a few of the problems faced. In spite of this, accurate positioning can in fact occur in such systems. Accuracies of 2-3 meters are reported in the literature, with a recent study of robotic movement in building environments reporting 1.5 meter accuracy. See Ladd, A. M., Bekris, K. E., Marceau, G., Rudys, A., Wallach, D. S., and Kavraki, L. E., “Robotics-Based Location Sensing using Wireless Ethernet,” In 8th ACM MOBICOM, Atlanta, Ga., September 2002, (http://citeseer.ni.nec.com/ladd02roboticsbased.html).
The most accurate RSS algorithms deploy a technique known as fingerprinting. In this method, the region over which the WLAN is deployed has a statistical database of the RSS expected from each access point (i.e., the fingerprint). The estimated position of the node in the network is usually associated with the point in the fingerprint providing the smallest Euclidean distance between the estimated position and the RSS signals from nearby access points.
In environments where no such fingerprint exists, such as in-the-field emergency or military deployment, the propagation method must be deployed. In this method, a mathematical model of the RSS as a function of distance in the anticipated environment is used. Triangulation, using three or more RSS measurements, is used to determine the position of the device. Although generally less accurate than the fingerprinting technique, propagation type models can be used to obtain useful position information. Recently, accuracies in range 5-10 meters were found using this method.
More detailed work on maximum-likelihood techniques for position location have been proposed, where RSS measurements between the nodes themselves are exploited. See Patwari, Neal, Hero III, Alfred O, Perkins, Matt, Correal, Neiyer S, and O'Dea, Robert J, “Relative Location Estimation in Wireless Sensor Networks”, IEEE Tran Signal Processing, Vol. 51, No. 8, 2003, pp. 2137-2148. Also, even without any position information on nodes or access points, it has been recently shown how a useful relative position framework can be deployed. See S. Capkun, M. Hamdi, and J.-P. Hubaux, “GPS-free positioning in mobile ad-hoc networks,” In 34th IEEE Hawaii Int. Conf. on System Sciences (HICSS-34), Maui, Hi., January 2001, 3481-3490, (http://citeseer.nj.nec.com/capkun01gpsfree.html).
Although introduction of mobility would seem problematic, some prior information on the probabilistic motion of a node can be exploited by recursive filter techniques to assist the position location algorithms. This may be done using an extended Kalman filter, a hidden Markov model approach, or a particle-filter approach. Particle filter approaches (essentially sequential Monte Carlo simulations of the a posterior position distribution function) appear to be superior. See Krumm, J., “Probabilistic Inferencing for Location,” 2003 Workshop on Location-Aware Computing (Part of UbiComp 2003), Oct. 12, 2003, Seattle, Wash., USA. Location Aware Networks for security purposes have been proposed. See “Location Enabled Networks,” Newbury Networks White Paper 2003, Wireless Security Perspectives Vol. 5, No. 3, March, 2003, (ISSN 1492-806X (print) published monthly by Cellular Networking Perspectives (http://www.newburvnetworks.com/downloads/wsp0303.pdf). In such networks, the positioning ability of the wireless network itself is used to track unauthorized access points that appear within unauthorized areas for significant amounts of time.
GPS position location for security purposes has also been pursued, where GPS information is used directly in the encryption and decryption processes. See Denning, Dorothy E., and MacDoran, Peter F., “Location-Based Authentication: Grounding Cyberspace for Better Security,” In Computer Fraud & Security, February 1996, Elsevier Science Ltd (http://www.cosc.georgetown.edu/˜denning/infosec/Grounding.txt; see also http://www.gpsworld.com/gpsworld/article/articleDetail.isp?id=57975&pageID=1). Even though the problem of making the encryption device and the GPS receiver tamperproof may not be completely solved, GPS encryption has gathered the interests of US commercial and military organisations. See Epstein, K, “How Geo-Encryption Makes Copyright Protection Global,” CIO Insight Magazine, (http://www.cioinsight.com/print_article/0,3668,a=24831,00.asp).
Using position location for security purposes in wireless networks is an emerging field. However, a need clearly exists for a system where a wireless network calculates and delivers quantitative statistical probability levels associated with a node's security level based on its claimed position.
In accordance with yet further aspects of the invention, apparatuses and computer program products are provided for implementing each of the foregoing aspects of the invention.